- From: Firstyear via GitHub <sysbot+gh@w3.org>
- Date: Wed, 04 May 2022 22:41:26 +0000
- To: public-webauthn@w3.org
> There isn't a way to request a particular kind of UV, but there is the [`uvm` extension](https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#sctn-uvm-extension) which, if the authenticator supports it, can report after the fact what kind of UV was performed. It may also be possible to use attestation to determine what kind of UV was done. You could then choose to reject assertions with an unsatisfactory UV method if you so wish. While UVM "exists" nothing implements it, so you can't really rely on this as a relying party in any capacity. -- GitHub Notification of comment by Firstyear Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1728#issuecomment-1118000290 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 4 May 2022 22:41:27 UTC